Blank password works for root
Bevan C. Bennett
bevan at fulcrummicro.com
Sat Jan 10 00:00:41 UTC 2004
Bill Beeman wrote:
>
> Comes from pam_smb-1.1.7-2
Ah! I'd missed that one.
>>* What changes if you remove the pam_smb_auth line? Do you still have
>>null access? Do you still have access using the password?
>>
>
> Commenting out the pam_smb_auth line fixes the immediate problem. No
> null access, and can log in with the root password. So perhaps
> somewhere in the Samba system? I'm a relative newbie here and don't
> quite know where to look next. The offending machine is an upgrade from
> RH9. The samba server is still an RH9 box, and is running Samba 2.2.8a.
There's a lot of scary sounding stuff in
/usr/share/doc/pam_smb-1.1.7/README, particularly regarding the use of
'nolocal' to turn off local password file checks. I suspect that your
samba server is somehow offering an unpassworded 'root' account.
> I really appreciate the help.
No problem. When things slow down it's been good to keep my debugging
skills fired up. :)
More information about the fedora-list
mailing list